Privacy Policy

1. An overview of data protection

General information

The fol­low­ing inform­a­tion will provide you with an easy to nav­ig­ate over­view of what will hap­pen with your per­son­al data when you vis­it this web­site. The term “per­son­al data” com­prises all data that can be used to per­son­ally identi­fy you. For detailed inform­a­tion about the sub­ject mat­ter of data pro­tec­tion, please con­sult our Data Pro­tec­tion Declar­a­tion, which we have included beneath this copy.

Data recording on this website

Who is the responsible party for the recording of data on this website (i.e., the “controller”)?

The data on this web­site is pro­cessed by the oper­at­or of the web­site, whose con­tact inform­a­tion is avail­able under sec­tion “Inform­a­tion about the respons­ible party (referred to as the “con­trol­ler” in the GDPR)” in this Pri­vacy Policy.

How do we record your data?

We col­lect your data as a res­ult of your shar­ing of your data with us. This may, for instance be inform­a­tion you enter into our con­tact form.

Oth­er data shall be recor­ded by our IT sys­tems auto­mat­ic­ally or after you con­sent to its record­ing dur­ing your web­site vis­it. This data com­prises primar­ily tech­nic­al inform­a­tion (e.g., web browser, oper­at­ing sys­tem, or time the site was accessed). This inform­a­tion is recor­ded auto­mat­ic­ally when you access this web­site.

What are the purposes we use your data for?

A por­tion of the inform­a­tion is gen­er­ated to guar­an­tee the error free pro­vi­sion of the web­site. Oth­er data may be used to ana­lyze your user pat­terns.

What rights do you have as far as your information is concerned?

You have the right to receive inform­a­tion about the source, recip­i­ents, and pur­poses of your archived per­son­al data at any time without hav­ing to pay a fee for such dis­clos­ures. You also have the right to demand that your data are rec­ti­fied or erad­ic­ated. If you have con­sen­ted to data pro­cessing, you have the option to revoke this con­sent at any time, which shall affect all future data pro­cessing. Moreover, you have the right to demand that the pro­cessing of your data be restric­ted under cer­tain cir­cum­stances. Fur­ther­more, you have the right to log a com­plaint with the com­pet­ent super­vising agency.

Please do not hes­it­ate to con­tact us at any time if you have ques­tions about this or any oth­er data pro­tec­tion related issues.

Analysis tools and tools provided by third parties

There is a pos­sib­il­ity that your brows­ing pat­terns will be stat­ist­ic­ally ana­lyzed when your vis­it this web­site. Such ana­lyses are per­formed primar­ily with what we refer to as ana­lys­is pro­grams.

For detailed inform­a­tion about these ana­lys­is pro­grams please con­sult our Data Pro­tec­tion Declar­a­tion below.

2. Hosting

We are host­ing the con­tent of our web­site at the fol­low­ing pro­vider:

Host Europe

The pro­vider is the Host Europe GmbH, Hansestraße 111, 51149 Köln, Ger­many (here­in­after referred to as: Host Europe). Whenev­er you vis­it our web­site, Host Europe will record a vari­ety of log­files, includ­ing your IP addresses.

For details, please refer to the Data Pri­vacy Policy of Host Europe: https://www.hosteurope.de/AGB/Datenschutzerklaerung/.

We use Host Europe on the basis of Art. 6(1)(f) GDPR. We have a legit­im­ate interest in mak­ing the depic­tion of our web­site as depend­able as pos­sible. If you have been asked for your respect­ive con­sent, pro­cessing shall occur exclus­ively on the basis of Art. 6(1)(a) GDPR and § 25(1) TTDSG, if the con­sent com­prises the archiv­ing of cook­ies or access to inform­a­tion on the user’s device (e.g., device fin­ger print­ing) as defined in the TTDSG. Such con­sent may be revoked at any time.

Data processing

We have con­cluded a data pro­cessing agree­ment (DPA) for the use of the above-men­tioned ser­vice. This is a con­tract man­dated by data pri­vacy laws that guar­an­tees that they pro­cess per­son­al data of our web­site vis­it­ors only based on our instruc­tions and in com­pli­ance with the GDPR.

3. General information and mandatory information

Data protection

The oper­at­ors of this web­site and its pages take the pro­tec­tion of your per­son­al data very ser­i­ously. Hence, we handle your per­son­al data as con­fid­en­tial inform­a­tion and in com­pli­ance with the stat­utory data pro­tec­tion reg­u­la­tions and this Data Pro­tec­tion Declar­a­tion.

Whenev­er you use this web­site, a vari­ety of per­son­al inform­a­tion will be col­lec­ted. Per­son­al data com­prises data that can be used to per­son­ally identi­fy you. This Data Pro­tec­tion Declar­a­tion explains which data we col­lect as well as the pur­poses we use this data for. It also explains how, and for which pur­pose the inform­a­tion is col­lec­ted.

We here­with advise you that the trans­mis­sion of data via the Inter­net (i.e., through e‑mail com­mu­nic­a­tions) may be prone to secur­ity gaps. It is not pos­sible to com­pletely pro­tect data against third-party access.

Information about the responsible party (referred to as the “controller” in the GDPR)

The data pro­cessing con­trol­ler on this web­site is:

in.vent Dia­gnost­ica GmbH
Neuen­dorf­straße 17
16761 Hen­nigs­dorf

Phone: +49 3302 55199–0
E‑mail: info@proteinarrays.bio

The con­trol­ler is the nat­ur­al per­son or leg­al entity that single-handedly or jointly with oth­ers makes decisions as to the pur­poses of and resources for the pro­cessing of per­son­al data (e.g., names, e‑mail addresses, etc.).

Storage duration

Unless a more spe­cif­ic stor­age peri­od has been spe­cified in this pri­vacy policy, your per­son­al data will remain with us until the pur­pose for which it was col­lec­ted no longer applies. If you assert a jus­ti­fied request for dele­tion or revoke your con­sent to data pro­cessing, your data will be deleted, unless we have oth­er leg­ally per­miss­ible reas­ons for stor­ing your per­son­al data (e.g., tax or com­mer­cial law reten­tion peri­ods); in the lat­ter case, the dele­tion will take place after these reas­ons cease to apply.

General information on the legal basis for the data processing on this website

If you have con­sen­ted to data pro­cessing, we pro­cess your per­son­al data on the basis of Art. 6(1)(a) GDPR or Art. 9 (2)(a) GDPR, if spe­cial cat­egor­ies of data are pro­cessed accord­ing to Art. 9 (1) DSGVO. In the case of expli­cit con­sent to the trans­fer of per­son­al data to third coun­tries, the data pro­cessing is also based on Art. 49 (1)(a) GDPR. If you have con­sen­ted to the stor­age of cook­ies or to the access to inform­a­tion in your end device (e.g., via device fin­ger­print­ing), the data pro­cessing is addi­tion­ally based on § 25 (1) TTDSG. The con­sent can be revoked at any time. If your data is required for the ful­fill­ment of a con­tract or for the imple­ment­a­tion of pre-con­trac­tu­al meas­ures, we pro­cess your data on the basis of Art. 6(1)(b) GDPR. Fur­ther­more, if your data is required for the ful­fill­ment of a leg­al oblig­a­tion, we pro­cess it on the basis of Art. 6(1)© GDPR. Fur­ther­more, the data pro­cessing may be car­ried out on the basis of our legit­im­ate interest accord­ing to Art. 6(1)(f) GDPR. Inform­a­tion on the rel­ev­ant leg­al basis in each indi­vidu­al case is provided in the fol­low­ing para­graphs of this pri­vacy policy.

Information on the data transfer to third-party countries that are not secure under data protection law and the transfer to US companies that are not DPF-certified

We use, among oth­er tech­no­lo­gies, tools from com­pan­ies loc­ated in third-party coun­tries that are not safe under data pro­tec­tion law, as well as US tools whose pro­viders are not cer­ti­fied under the EU-US Data Pri­vacy Frame­work (DPF). If these tools are enabled, your per­son­al data may be trans­ferred to and pro­cessed in these coun­tries. We would like you to note that no level of data pro­tec­tion com­par­able to that in the EU can be guar­an­teed in third coun­tries that are insec­ure in terms of data pro­tec­tion law.

We would like to point out that the US, as a secure third-party coun­try, gen­er­ally has a level of data pro­tec­tion com­par­able to that of the EU. Data trans­fer to the US is there­fore per­mit­ted if the recip­i­ent is cer­ti­fied under the “EU-US Data Pri­vacy Frame­work” (DPF) or has appro­pri­ate addi­tion­al assur­ances. Inform­a­tion on trans­fers to third-party coun­tries, includ­ing the data recip­i­ents, can be found in this Pri­vacy Policy.

Recipients of personal data

In the scope of our busi­ness activ­it­ies, we cooper­ate with vari­ous extern­al parties. In some cases, this also requires the trans­fer of per­son­al data to these extern­al parties. We only dis­close per­son­al data to extern­al parties if this is required as part of the ful­fill­ment of a con­tract, if we are leg­ally oblig­ated to do so (e.g., dis­clos­ure of data to tax author­it­ies), if we have a legit­im­ate interest in the dis­clos­ure pur­su­ant to Art. 6 (1)(f) GDPR, or if anoth­er leg­al basis per­mits the dis­clos­ure of this data. When using pro­cessors, we only dis­close per­son­al data of our cus­tom­ers on the basis of a val­id con­tract on data pro­cessing. In the case of joint pro­cessing, a joint pro­cessing agree­ment is con­cluded.

Revocation of your consent to the processing of data

A wide range of data pro­cessing trans­ac­tions are pos­sible only sub­ject to your express con­sent. You can also revoke at any time any con­sent you have already giv­en us. This shall be without pre­ju­dice to the law­ful­ness of any data col­lec­tion that occurred pri­or to your revoc­a­tion.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR)

IN THE EVENT THAT DATA ARE PROCESSED ON THE BASIS OF ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO AT ANY TIME OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA BASED ON GROUNDS ARISING FROM YOUR UNIQUE SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS, ON WHICH ANY PROCESSING OF DATA IS BASED, PLEASE CONSULT THIS DATA PROTECTION DECLARATION. IF YOU LOG AN OBJECTION, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA, UNLESS WE ARE IN A POSITION TO PRESENT COMPELLING PROTECTION WORTHY GROUNDS FOR THE PROCESSING OF YOUR DATA, THAT OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE CLAIMING, EXERCISING OR DEFENCE OF LEGAL ENTITLEMENTS (OBJECTION PURSUANT TO ART. 21(1) GDPR).

IF YOUR PERSONAL DATA IS BEING PROCESSED IN ORDER TO ENGAGE IN DIRECT ADVERTISING, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR AFFECTED PERSONAL DATA FOR THE PURPOSES OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS AFFILIATED WITH SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR DIRECT ADVERTISING PURPOSES (OBJECTION PURSUANT TO ART. 21(2) GDPR).

Right to log a complaint with the competent supervisory agency

In the event of viol­a­tions of the GDPR, data sub­jects are entitled to log a com­plaint with a super­vis­ory agency, in par­tic­u­lar in the mem­ber state where they usu­ally main­tain their dom­i­cile, place of work or at the place where the alleged viol­a­tion occurred. The right to log a com­plaint is in effect regard­less of any oth­er admin­is­trat­ive or court pro­ceed­ings avail­able as leg­al recourses.

Right to data portability

You have the right to have data that we pro­cess auto­mat­ic­ally on the basis of your con­sent or in ful­fill­ment of a con­tract handed over to you or to a third party in a com­mon, machine-read­able format. If you should demand the dir­ect trans­fer of the data to anoth­er con­trol­ler, this will be done only if it is tech­nic­ally feas­ible.

Information about, rectification and eradication of data

With­in the scope of the applic­able stat­utory pro­vi­sions, you have the right to demand inform­a­tion about your archived per­son­al data, their source and recip­i­ents as well as the pur­pose of the pro­cessing of your data at any time. You may also have a right to have your data rec­ti­fied or erad­ic­ated. If you have ques­tions about this sub­ject mat­ter or any oth­er ques­tions about per­son­al data, please do not hes­it­ate to con­tact us at any time.

Right to demand processing restrictions

You have the right to demand the impos­i­tion of restric­tions as far as the pro­cessing of your per­son­al data is con­cerned. To do so, you may con­tact us at any time. The right to demand restric­tion of pro­cessing applies in the fol­low­ing cases:

• In the event that you should dis­pute the cor­rect­ness of your data archived by us, we will usu­ally need some time to veri­fy this claim. Dur­ing the time that this invest­ig­a­tion is ongo­ing, you have the right to demand that we restrict the pro­cessing of your per­son­al data.
• If the pro­cessing of your per­son­al data was/is con­duc­ted in an unlaw­ful man­ner, you have the option to demand the restric­tion of the pro­cessing of your data instead of demand­ing the erad­ic­a­tion of this data.
• If we do not need your per­son­al data any longer and you need it to exer­cise, defend or claim leg­al enti­tle­ments, you have the right to demand the restric­tion of the pro­cessing of your per­son­al data instead of its erad­ic­a­tion.
• If you have raised an objec­tion pur­su­ant to Art. 21(1) GDPR, your rights and our rights will have to be weighed against each oth­er. As long as it has not been determ­ined whose interests pre­vail, you have the right to demand a restric­tion of the pro­cessing of your per­son­al data.

If you have restric­ted the pro­cessing of your per­son­al data, these data – with the excep­tion of their archiv­ing – may be pro­cessed only sub­ject to your con­sent or to claim, exer­cise or defend leg­al enti­tle­ments or to pro­tect the rights of oth­er nat­ur­al per­sons or leg­al entit­ies or for import­ant pub­lic interest reas­ons cited by the European Uni­on or a mem­ber state of the EU.

SSL and/or TLS encryption

For secur­ity reas­ons and to pro­tect the trans­mis­sion of con­fid­en­tial con­tent, such as pur­chase orders or inquir­ies you sub­mit to us as the web­site oper­at­or, this web­site uses either an SSL or a TLS encryp­tion pro­gram. You can recog­nize an encryp­ted con­nec­tion by check­ing wheth­er the address line of the browser switches from “http://” to “https://” and also by the appear­ance of the lock icon in the browser line.

If the SSL or TLS encryp­tion is activ­ated, data you trans­mit to us can­not be read by third parties.

4. Recording of data on this website

Cookies

Our web­sites and pages use what the industry refers to as “cook­ies.” Cook­ies are small data pack­ages that do not cause any dam­age to your device. They are either stored tem­por­ar­ily for the dur­a­tion of a ses­sion (ses­sion cook­ies) or they are per­man­ently archived on your device (per­man­ent cook­ies). Ses­sion cook­ies are auto­mat­ic­ally deleted once you ter­min­ate your vis­it. Per­man­ent cook­ies remain archived on your device until you act­ively delete them, or they are auto­mat­ic­ally erad­ic­ated by your web browser.

Cook­ies can be issued by us (first-party cook­ies) or by third-party com­pan­ies (so-called third-party cook­ies). Third-party cook­ies enable the integ­ra­tion of cer­tain ser­vices of third-party com­pan­ies into web­sites (e.g., cook­ies for hand­ling pay­ment ser­vices).

Cook­ies have a vari­ety of func­tions. Many cook­ies are tech­nic­ally essen­tial since cer­tain web­site func­tions would not work in the absence of these cook­ies (e.g., the shop­ping cart func­tion or the dis­play of videos). Oth­er cook­ies may be used to ana­lyze user beha­vi­or or for pro­mo­tion­al pur­poses.

Cook­ies, which are required for the per­form­ance of elec­tron­ic com­mu­nic­a­tion trans­ac­tions, for the pro­vi­sion of cer­tain func­tions you want to use (e.g., for the shop­ping cart func­tion) or those that are neces­sary for the optim­iz­a­tion (required cook­ies) of the web­site (e.g., cook­ies that provide meas­ur­able insights into the web audi­ence), shall be stored on the basis of Art. 6(1)(f) GDPR, unless a dif­fer­ent leg­al basis is cited. The oper­at­or of the web­site has a legit­im­ate interest in the stor­age of required cook­ies to ensure the tech­nic­ally error-free and optim­ized pro­vi­sion of the operator’s ser­vices. If your con­sent to the stor­age of the cook­ies and sim­il­ar recog­ni­tion tech­no­lo­gies has been reques­ted, the pro­cessing occurs exclus­ively on the basis of the con­sent obtained (Art. 6(1)(a) GDPR and § 25 (1) TTDSG); this con­sent may be revoked at any time.

You have the option to set up your browser in such a man­ner that you will be noti­fied any time cook­ies are placed and to per­mit the accept­ance of cook­ies only in spe­cif­ic cases. You may also exclude the accept­ance of cook­ies in cer­tain cases or in gen­er­al or activ­ate the delete-func­tion for the auto­mat­ic erad­ic­a­tion of cook­ies when the browser closes. If cook­ies are deac­tiv­ated, the func­tions of this web­site may be lim­ited.

Which cook­ies and ser­vices are used on this web­site can be found in this pri­vacy policy.

Consent with Borlabs Cookie

Our web­site uses the Bor­labs con­sent tech­no­logy to obtain your con­sent to the stor­age of cer­tain cook­ies in your browser or for the use of cer­tain tech­no­lo­gies and for their data pri­vacy pro­tec­tion com­pli­ant doc­u­ment­a­tion. The pro­vider of this tech­no­logy is Bor­labs GmbH, Rüben­kamp 32, 22305 Ham­burg, Ger­many (here­in­after referred to as Bor­labs).

Whenev­er you vis­it our web­site, a Bor­labs cook­ie will be stored in your browser, which archives any declar­a­tions or revoc­a­tions of con­sent you have entered. These data are not shared with the pro­vider of the Bor­labs tech­no­logy.

The recor­ded data shall remain archived until you ask us to erad­ic­ate them, delete the Bor­labs cook­ie on your own or the pur­pose of stor­ing the data no longer exists. This shall be without pre­ju­dice to any reten­tion oblig­a­tions man­dated by law. To review the details of Bor­labs’ data pro­cessing policies, please vis­it https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/

We use the Bor­labs cook­ie con­sent tech­no­logy to obtain the declar­a­tions of con­sent man­dated by law for the use of cook­ies. The leg­al basis for the use of such cook­ies is Art. 6(1)© GDPR.

5. Social media

Facebook

We have integ­rated ele­ments of the social net­work Face­book on this web­site. The pro­vider of this ser­vice is Meta Plat­forms Ire­land Lim­ited, 4 Grand Canal Square, Dub­lin 2, Ire­land. Accord­ing to Facebook’s state­ment the col­lec­ted data will be trans­ferred to the USA and oth­er third-party coun­tries too.

An over­view of the Face­book social media ele­ments is avail­able under the fol­low­ing link: https://developers.facebook.com/docs/plugins/.

If the social media ele­ment has been activ­ated, a dir­ect con­nec­tion between your device and the Face­book serv­er will be estab­lished. As a res­ult, Face­book will receive inform­a­tion con­firm­ing your vis­it to this web­site with your IP address. If you click on the Face­book Like but­ton while you are logged into your Face­book account, you can link con­tent of this web­site to your Face­book pro­file. Con­sequently, Face­book will be able to alloc­ate your vis­it to this web­site to your user account. We have to emphas­ize that we as the pro­vider of the web­site do not receive any inform­a­tion on the con­tent of the trans­ferred data and its use by Face­book. For more inform­a­tion, please con­sult the Data Pri­vacy Policy of Face­book at: https://de-de.facebook.com/privacy/explanation.

If your approv­al (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6 Sect. 1 lit. a GDPR and § 25 TTDSG (Ger­man Tele­com­mu­nic­a­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of our legit­im­ate interest in mak­ing our inform­a­tion as com­pre­hens­ively vis­ible as pos­sible on social media.

Inso­far as per­son­al data is col­lec­ted on our web­site with the help of the tool described here and for­war­ded to Face­book, we and Meta Plat­forms Ire­land Lim­ited, 4 Grand Canal Square, Grand Canal Har­bour, Dub­lin 2, Ire­land are jointly respons­ible for this data pro­cessing (Art. 26 DSGVO). The joint respons­ib­il­ity is lim­ited exclus­ively to the col­lec­tion of the data and its for­ward­ing to Face­book. The pro­cessing by Face­book that takes place after the onward trans­fer is not part of the joint respons­ib­il­ity. The oblig­a­tions incum­bent on us jointly have been set out in a joint pro­cessing agree­ment. The word­ing of the agree­ment can be found under: https://www.facebook.com/legal/controller_addendum. Accord­ing to this agree­ment, we are respons­ible for provid­ing the pri­vacy inform­a­tion when using the Face­book tool and for the pri­vacy-secure imple­ment­a­tion of the tool on our web­site. Face­book is respons­ible for the data secur­ity of Face­book products. You can assert data sub­ject rights (e.g., requests for inform­a­tion) regard­ing data pro­cessed by Face­book dir­ectly with Face­book. If you assert the data sub­ject rights with us, we are obliged to for­ward them to Face­book.

Data trans­mis­sion to the US is based on the Stand­ard Con­trac­tu­al Clauses (SCC) of the European Com­mis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

The com­pany is cer­ti­fied in accord­ance with the “EU-US Data Pri­vacy Frame­work” (DPF). The DPF is an agree­ment between the European Uni­on and the US, which is inten­ded to ensure com­pli­ance with European data pro­tec­tion stand­ards for data pro­cessing in the US. Every com­pany cer­ti­fied under the DPF is obliged to com­ply with these data pro­tec­tion stand­ards. For more inform­a­tion, please con­tact the pro­vider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

X (formerly Twitter)

We have integ­rated func­tions of the social media plat­form X (formerly Twit­ter) into this web­site. These func­tions are provided by Twit­ter Inter­na­tion­al Com­pany, One Cum­ber­land Place, Feni­an Street, Dub­lin 2, D02 AX07, Ire­land.

If the social media ele­ment has been activ­ated, a dir­ect con­nec­tion between your device and X’s serv­er will be estab­lished. As a res­ult, X will receive inform­a­tion on your vis­it to this web­site. While you use X and the “Re-Tweet” or “Repost” func­tion, web­sites you vis­it are linked to your X account and dis­closed to oth­er users. We must point out, that we, the pro­viders of the web­site and its pages do not know any­thing about the con­tent of the data trans­ferred and the use of this inform­a­tion by X. For more details, please con­sult X’s Data Pri­vacy Declar­a­tion at: https://twitter.com/en/privacy.

If your approv­al (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (Ger­man Tele­com­mu­nic­a­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of our legit­im­ate interest in mak­ing our inform­a­tion as com­pre­hens­ively vis­ible as pos­sible on social media.

Data trans­mis­sion to the US is based on the Stand­ard Con­trac­tu­al Clauses (SCC) of the European Com­mis­sion. Details can be found here: https://gdpr.twitter.com/en/controller-to-controller-transfers.html.

You have the option to reset your data pro­tec­tion set­tings on X under the account set­tings at https://twitter.com/account/settings.

Instagram

We have integ­rated func­tions of the pub­lic media plat­form Ins­tagram into this web­site. These func­tions are being offered by Meta Plat­forms Ire­land Lim­ited, 4 Grand Canal Square, Grand Canal Har­bour, Dub­lin 2, Ire­land.

If the social media ele­ment has been activ­ated, a dir­ect con­nec­tion between your device and Instagram’s serv­er will be estab­lished. As a res­ult, Ins­tagram will receive inform­a­tion on your vis­it to this web­site.

If you are logged into your Ins­tagram account, you may click the Ins­tagram but­ton to link con­tents from this web­site to your Ins­tagram pro­file. This enables Ins­tagram to alloc­ate your vis­it to this web­site to your user account. We have to point out that we as the pro­vider of the web­site and its pages do not have any know­ledge of the con­tent of the data trans­ferred and its use by Ins­tagram.

If your approv­al (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6(1)(a) GDPR and § 25 TTDSG (Ger­man Tele­com­mu­nic­a­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of our legit­im­ate interest in mak­ing our inform­a­tion as com­pre­hens­ively vis­ible as pos­sible on social media.

Inso­far as per­son­al data is col­lec­ted on our web­site with the help of the tool described here and for­war­ded to Face­book or Ins­tagram, we and Meta Plat­forms Ire­land Lim­ited, 4 Grand Canal Square, Grand Canal Har­bour, Dub­lin 2, Ire­land are jointly respons­ible for this data pro­cessing (Art. 26 DSGVO). The joint respons­ib­il­ity is lim­ited exclus­ively to the col­lec­tion of the data and its for­ward­ing to Face­book or Ins­tagram. The pro­cessing by Face­book or Ins­tagram that takes place after the onward trans­fer is not part of the joint respons­ib­il­ity. The oblig­a­tions incum­bent on us jointly have been set out in a joint pro­cessing agree­ment. The word­ing of the agree­ment can be found under: https://www.facebook.com/legal/controller_addendum. Accord­ing to this agree­ment, we are respons­ible for provid­ing the pri­vacy inform­a­tion when using the Face­book or Ins­tagram tool and for the pri­vacy-secure imple­ment­a­tion of the tool on our web­site. Face­book is respons­ible for the data secur­ity of Face­book or Ins­tagram products. You can assert data sub­ject rights (e.g., requests for inform­a­tion) regard­ing data pro­cessed by Face­book or Ins­tagram dir­ectly with Face­book. If you assert the data sub­ject rights with us, we are obliged to for­ward them to Face­book.

Data trans­mis­sion to the US is based on the Stand­ard Con­trac­tu­al Clauses (SCC) of the European Com­mis­sion. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ and https://de-de.facebook.com/help/566994660333381.

For more inform­a­tion on this sub­ject, please con­sult Instagram’s Data Pri­vacy Declar­a­tion at: https://privacycenter.instagram.com/policy/.

The com­pany is cer­ti­fied in accord­ance with the “EU-US Data Pri­vacy Frame­work” (DPF). The DPF is an agree­ment between the European Uni­on and the US, which is inten­ded to ensure com­pli­ance with European data pro­tec­tion stand­ards for data pro­cessing in the US. Every com­pany cer­ti­fied under the DPF is obliged to com­ply with these data pro­tec­tion stand­ards. For more inform­a­tion, please con­tact the pro­vider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000GnywAAC&status=Active

LinkedIn

This web­site uses ele­ments of the Linked­In net­work. The pro­vider is Linked­In Ire­land Unlim­ited Com­pany, Wilton Plaza, Wilton Place, Dub­lin 2, Ire­land.

Any time you access a page of this web­site that con­tains ele­ments of Linked­In, a con­nec­tion to LinkedIn’s serv­ers is estab­lished. Linked­In is noti­fied that you have vis­ited this web­site with your IP address. If you click on LinkedIn’s “Recom­mend” but­ton and are logged into your Linked­In account at the time, Linked­In will be in a pos­i­tion to alloc­ate your vis­it to this web­site to your user account. We have to point out that we as the pro­vider of the web­sites do not have any know­ledge of the con­tent of the trans­ferred data and its use by Linked­In.

If your approv­al (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6 (1)(a) GDPR and § 25 TTDSG (Ger­man Tele­com­mu­nic­a­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of our legit­im­ate interest in mak­ing our inform­a­tion as com­pre­hens­ively vis­ible as pos­sible on social media.

Data trans­mis­sion to the US is based on the Stand­ard Con­trac­tu­al Clauses (SCC) of the European Com­mis­sion. Details can be found here: https://www.linkedin.com/help/linkedin/answer/62538/datenubertragung-aus-der-eu-dem-ewr-und-der-schweiz?lang=en.

For fur­ther inform­a­tion on this sub­ject, please con­sult LinkedIn’s Data Pri­vacy Declar­a­tion at: https://www.linkedin.com/legal/privacy-policy.

XING

This web­site uses ele­ments of the XING net­work. The pro­vider is the New Work SE, Dam­mt­or­straße 30, 20354 Ham­burg, Ger­many.

Any time one of our sites/pages that con­tains ele­ments of XING is accessed, a con­nec­tion with XING’s serv­ers is estab­lished. As far as we know, this does not res­ult in the archiv­ing of any per­son­al data. In par­tic­u­lar, the ser­vice does not store any IP addresses or ana­lyze user pat­terns.

If your approv­al (con­sent) has been obtained the use of the above­men­tioned ser­vice shall occur on the basis of Art. 6 (1)(a) GDPR and § 25 TTDSG (Ger­man Tele­com­mu­nic­a­tions Act). Such con­sent may be revoked at any time. If your con­sent was not obtained, the use of the ser­vice will occur on the basis of our legit­im­ate interest in mak­ing our inform­a­tion as com­pre­hens­ively vis­ible as pos­sible on social media.

For more inform­a­tion on data pro­tec­tion and the XING share but­ton please con­sult the Data Pro­tec­tion Declar­a­tion of Xing at: https://www.xing.com/app/share?op=data_protection.

6. Analysis tools and advertising

Matomo

This web­site uses the open-source web ana­lys­is ser­vice Mat­omo.

Through Mat­omo, we are able to col­lect and ana­lyze data on the use of our web­site-by-web­site vis­it­ors. This enables us to find out, for instance, when which page views occurred and from which region they came. In addi­tion, we col­lect vari­ous log files (e.g. IP address, refer­rer, browser, and oper­at­ing sys­tem used) and can meas­ure wheth­er our web­site vis­it­ors per­form cer­tain actions (e.g. clicks, pur­chases, etc.).

The use of this ana­lys­is tool is based on Art. 6(1)(f) GDPR. The web­site oper­at­or has a legit­im­ate interest in the ana­lys­is of user pat­terns, in order to optim­ize the operator’s web offer­ings and advert­ising. If appro­pri­ate con­sent has been obtained, the pro­cessing is car­ried out exclus­ively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to inform­a­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

IP anonymization

For ana­lys­is with Mat­omo we use IP anonym­iz­a­tion. Your IP address is shortened before the ana­lys­is, so that it is no longer clearly assignable to you.

Hosting

We host Mat­omo exclus­ively on our own serv­ers so that all ana­lys­is data remains with us and is not passed on.

7. Newsletter

Newsletter data

If you would like to sub­scribe to the news­let­ter offered on this web­site, we will need from you an e‑mail address as well as inform­a­tion that allow us to veri­fy that you are the own­er of the e‑mail address provided and con­sent to the receipt of the news­let­ter. No fur­ther data shall be col­lec­ted or shall be col­lec­ted only on a vol­un­tary basis. We shall use such data only for the send­ing of the reques­ted inform­a­tion and shall not share such data with any third parties.

The pro­cessing of the inform­a­tion entered into the news­let­ter sub­scrip­tion form shall occur exclus­ively on the basis of your con­sent (Art. 6(1)(a) GDPR). You may revoke the con­sent you have giv­en to the archiv­ing of data, the e‑mail address, and the use of this inform­a­tion for the send­ing of the news­let­ter at any time, for instance by click­ing on the “Unsub­scribe” link in the news­let­ter. This shall be without pre­ju­dice to the law­ful­ness of any data pro­cessing trans­ac­tions that have taken place to date.

The data depos­ited with us for the pur­pose of sub­scrib­ing to the news­let­ter will be stored by us until you unsub­scribe from the news­let­ter or the news­let­ter ser­vice pro­vider and deleted from the news­let­ter dis­tri­bu­tion list after you unsub­scribe from the news­let­ter or after the pur­pose has ceased to apply. We reserve the right to delete or block e‑mail addresses from our news­let­ter dis­tri­bu­tion list at our own dis­cre­tion with­in the scope of our legit­im­ate interest in accord­ance with Art. 6(1)(f) GDPR.

Data stored for oth­er pur­poses with us remain unaf­fected.

After you unsub­scribe from the news­let­ter dis­tri­bu­tion list, your e‑mail address may be stored by us or the news­let­ter ser­vice pro­vider in a black­list, if such action is neces­sary to pre­vent future mail­ings. The data from the black­list is used only for this pur­pose and not merged with oth­er data. This serves both your interest and our interest in com­ply­ing with the leg­al require­ments when send­ing news­let­ters (legit­im­ate interest with­in the mean­ing of Art. 6(1)(f) GDPR). The stor­age in the black­list is indef­in­ite. You may object to the stor­age if your interests out­weigh our legit­im­ate interest.

8. Plug-ins and Tools

YouTube with expanded data protection integration

Our web­site embeds videos of the web­site You­Tube. The web­site oper­at­or is Google Ire­land Lim­ited (“Google”), Gor­don House, Bar­row Street, Dub­lin 4, Ire­land.

We use You­Tube in the expan­ded data pro­tec­tion mode. Accord­ing to You­Tube, this mode ensures that You­Tube does not store any inform­a­tion about vis­it­ors to this web­site before they watch the video. Nev­er­the­less, this does not neces­sar­ily mean that the shar­ing of data with You­Tube part­ners can be ruled out as a res­ult of the expan­ded data pro­tec­tion mode. For instance, regard­less of wheth­er you are watch­ing a video, You­Tube will always estab­lish a con­nec­tion with the Google Mar­ket­ing Net­work.

As soon as you start to play a You­Tube video on this web­site, a con­nec­tion to YouTube’s serv­ers will be estab­lished. As a res­ult, the You­Tube serv­er will be noti­fied, which of our pages you have vis­ited. If you are logged into your You­Tube account while you vis­it our site, you enable You­Tube to dir­ectly alloc­ate your brows­ing pat­terns to your per­son­al pro­file. You have the option to pre­vent this by log­ging out of your You­Tube account.

Fur­ther­more, after you have star­ted to play a video, You­Tube will be able to place vari­ous cook­ies on your device or com­par­able tech­no­lo­gies for recog­ni­tion (e.g. device fin­ger­print­ing). In this way You­Tube will be able to obtain inform­a­tion about this website’s vis­it­ors. Among oth­er things, this inform­a­tion will be used to gen­er­ate video stat­ist­ics with the aim of improv­ing the user friend­li­ness of the site and to pre­vent attempts to com­mit fraud.

Under cer­tain cir­cum­stances, addi­tion­al data pro­cessing trans­ac­tions may be triggered after you have star­ted to play a You­Tube video, which are bey­ond our con­trol.

The use of You­Tube is based on our interest in present­ing our online con­tent in an appeal­ing man­ner. Pur­su­ant to Art. 6(1)(f) GDPR, this is a legit­im­ate interest. If appro­pri­ate con­sent has been obtained, the pro­cessing is car­ried out exclus­ively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to inform­a­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

For more inform­a­tion on how You­Tube handles user data, please con­sult the You­Tube Data Pri­vacy Policy under: https://policies.google.com/privacy?hl=en.

The com­pany is cer­ti­fied in accord­ance with the “EU-US Data Pri­vacy Frame­work” (DPF). The DPF is an agree­ment between the European Uni­on and the US, which is inten­ded to ensure com­pli­ance with European data pro­tec­tion stand­ards for data pro­cessing in the US. Every com­pany cer­ti­fied under the DPF is obliged to com­ply with these data pro­tec­tion stand­ards. For more inform­a­tion, please con­tact the pro­vider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Adobe Fonts

In order to ensure the uni­form depic­tion of cer­tain fonts, this web­site uses fonts called Adobe Fonts provided by Adobe Sys­tems Incor­por­ated, 345 Park Aven­ue, San Jose, CA 95110–2704, USA (Adobe).

When you access pages of this web­site, your browser will auto­mat­ic­ally load the required fonts dir­ectly from the Adobe site to be able to dis­play them cor­rectly on your device. As a res­ult, your browser will estab­lish a con­nec­tion with Adobe’s serv­ers in the United States. Hence, Adobe learns that your IP address was used to access this web­site. Accord­ing to the inform­a­tion provided by Adobe, no cook­ies will be stored in con­junc­tion with the pro­vi­sion of the fonts.

Data are stored and ana­lyzed on the basis of Art. 6(1)(f) GDPR. The web­site oper­at­or has a legit­im­ate interest in a uni­form present­a­tion of the font on the operator’s web­site. If appro­pri­ate con­sent has been obtained, the pro­cessing is car­ried out exclus­ively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, inso­far the con­sent includes the stor­age of cook­ies or the access to inform­a­tion in the user’s end device (e.g., device fin­ger­print­ing) with­in the mean­ing of the TTDSG. This con­sent can be revoked at any time.

Data trans­mis­sion to the US is based on the Stand­ard Con­trac­tu­al Clauses (SCC) of the European Com­mis­sion. Details can be found here: https://www.adobe.com/de/privacy/eudatatransfers.html.

For more inform­a­tion about Adobe Fonts, please read the policies under: https://www.adobe.com/privacy/policies/adobe-fonts.html.

Adobe’s Data Pri­vacy Declar­a­tion may be reviewed under: https://www.adobe.com/privacy/policy.html.

The com­pany is cer­ti­fied in accord­ance with the “EU-US Data Pri­vacy Frame­work” (DPF). The DPF is an agree­ment between the European Uni­on and the US, which is inten­ded to ensure com­pli­ance with European data pro­tec­tion stand­ards for data pro­cessing in the US. Every com­pany cer­ti­fied under the DPF is obliged to com­ply with these data pro­tec­tion stand­ards. For more inform­a­tion, please con­tact the pro­vider under the fol­low­ing link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TNo9AAG&status=Active

hCaptcha

We use “hCaptcha” (here­in­after referred to as “hCaptcha“) on this web­site. The pro­vider is Intu­ition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (here­in­after referred to as “IMI”).

hCaptcha is being used to determ­ine wheth­er the entry of data into this web­site (e.g., into a con­tact form) is being pro­cessed by a per­son or an auto­mated pro­gram. For this pur­pose, hCaptcha ana­lyzes the beha­vi­or pat­terns of web­site vis­it­ors on the basis of sev­er­al char­ac­ter­ist­ics.

This ana­lys­is begins auto­mat­ic­ally as soon as the web­site vis­it­or enters a web­site with the activ­ated hCaptcha fea­ture. For the ana­lys­is, hCaptcha uses a wide range of inform­a­tion (e.g., the IP address, time spent on the web­site or mouse actions taken by the user). The data recor­ded dur­ing this ana­lys­is is for­war­ded to IMI.  If hCaptcha is used in the “invis­ible mode,” the ana­lyses are com­pletely con­duc­ted in the back­ground. Web­site vis­it­ors are not aler­ted to the per­form­ance of an ana­lys­is.

The stor­age and ana­lys­is of the data occurs on the basis of Art. 6 (1)(f) GDPR. The web­site oper­at­or has a legit­im­ate interest in pro­tect­ing the operator’s web present­a­tions against abus­ive auto­mat­ic spy­ing and SPAM. In the event that respect­ive con­sent has been obtained, the data will be pro­cessed exclus­ively on the basis of Art. 6 (1)(a) GDPR and § 25 (1) TTDSG, if the con­sent com­prises the stor­age of cook­ies or access to inform­a­tion on the user’s device (e.g., device fin­ger­print­ing) as defined in the TTDSG (Ger­man Tele­com­mu­nic­a­tions Act). Such con­sent may be revoked at any time.

The pro­cessing of data is based on Stand­ard Con­tract Clauses, included in the Data Pro­cessing Sup­ple­ment to the Gen­er­al Terms and Con­di­tions of IMI or in the data pro­cessing agree­ments.

For fur­ther inform­a­tion on hCaptcha, please con­sult the Data Pro­tec­tion Policy and Terms of Use under the fol­low­ing links: https://www.hcaptcha.com/privacy and https://hcaptcha.com/terms.